CVE-2026-43011

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-43011
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at line 48 and returns 1 (error). This error propagates back through the call chain: x25_queue_rx_frame returns 1 | v x25_state3_machine receives the return value 1 and takes the else branch at line 278, setting queued=0 and returning 0 | v x25_process_rx_frame returns queued=0 | v x25_backlog_rcv at line 452 sees queued=0 and calls kfree_skb(skb) again This would free the same skb twice. Looking at x25_backlog_rcv: net/x25/x25_in.c:x25_backlog_rcv() { ... queued = x25_process_rx_frame(sk, skb); ... if (!queued) kfree_skb(skb); }

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/143d4fa68ae9efb83b0c55b12cc7f0d03732a2b1 Patch
https://git.kernel.org/stable/c/3f5e3005984645bf5bd129c6b13149879580b1fb Patch
https://git.kernel.org/stable/c/524371398d8463ea7e101fce2cbf3915645d1730 Patch
https://git.kernel.org/stable/c/5d0aa038a90b30c9bedde0c41c1fdcd98ecb16e9 Patch
https://git.kernel.org/stable/c/c87dd137c0dad07cc55f98181ff380b0c23d2878 Patch
https://git.kernel.org/stable/c/d10a26aa4d072320530e6968ef945c8c575edf61 Patch
https://git.kernel.org/stable/c/f782dd382203b2a8c4552a628431b7de65a19a7b Patch
https://git.kernel.org/stable/c/fa1dbc93530b34fab0da9862426fe9c918c74dc0 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
History

07 May 2026, 20:26

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
CWE CWE-415
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/143d4fa68ae9efb83b0c55b12cc7f0d03732a2b1 - () https://git.kernel.org/stable/c/143d4fa68ae9efb83b0c55b12cc7f0d03732a2b1 - Patch
References () https://git.kernel.org/stable/c/3f5e3005984645bf5bd129c6b13149879580b1fb - () https://git.kernel.org/stable/c/3f5e3005984645bf5bd129c6b13149879580b1fb - Patch
References () https://git.kernel.org/stable/c/524371398d8463ea7e101fce2cbf3915645d1730 - () https://git.kernel.org/stable/c/524371398d8463ea7e101fce2cbf3915645d1730 - Patch
References () https://git.kernel.org/stable/c/5d0aa038a90b30c9bedde0c41c1fdcd98ecb16e9 - () https://git.kernel.org/stable/c/5d0aa038a90b30c9bedde0c41c1fdcd98ecb16e9 - Patch
References () https://git.kernel.org/stable/c/c87dd137c0dad07cc55f98181ff380b0c23d2878 - () https://git.kernel.org/stable/c/c87dd137c0dad07cc55f98181ff380b0c23d2878 - Patch
References () https://git.kernel.org/stable/c/d10a26aa4d072320530e6968ef945c8c575edf61 - () https://git.kernel.org/stable/c/d10a26aa4d072320530e6968ef945c8c575edf61 - Patch
References () https://git.kernel.org/stable/c/f782dd382203b2a8c4552a628431b7de65a19a7b - () https://git.kernel.org/stable/c/f782dd382203b2a8c4552a628431b7de65a19a7b - Patch
References () https://git.kernel.org/stable/c/fa1dbc93530b34fab0da9862426fe9c918c74dc0 - () https://git.kernel.org/stable/c/fa1dbc93530b34fab0da9862426fe9c918c74dc0 - Patch

03 May 2026, 07:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8

01 May 2026, 15:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-05-01 15:16

Updated : 2026-05-07 20:26

NVD link : CVE-2026-43011

Mitre link : CVE-2026-43011

CVE.ORG link : CVE-2026-43011

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-415

Double Free